(2013-01-28) Fixing The ProxyAddresses Attribute In AD With PowerShell

At a customer of mine (no names are or will be mentioned to protect the innocent!) I’m rebuilding their FIM GAL Sync solution. After running the Full Import (Stage Only) Run Profile I started the Full Synchronization Run Profile and during that Run Profile the FIM Sync Engine started to complain about incorrect/unexpected values in the proxyAddresses attribute of CONTACT objects in the target OU of a connected AD forest.

–

After investigating the data health I found out that just over 1700 contacts had a proxyAddress value as shown in the picture below

Figure 1: Contact Object With An Incorrect X500 Address

–

Because there were too many objects to do it by hand, creating a PowerShell script was the next step.

I required the following three PowerShell scripts:

Export all the proxyAddresses values of the contacts objects with an X500 address as shown in the figure 1 (a safe measure)

Remove the incorrect X500 address from the proxyAddresses values of the affected contact objects (the cleanup)

Reimport all the proxyAddresses values prior to the removal of the incorrect X500 address (risk mitigating action)